Project

General

Profile

Activity

From 12/31/2023 to 01/29/2024

01/29/2024

10:03 PM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out
Okay, I have that applied and working now. And I don't seem to see a runaway with a simple auth failure. We'll see ... Orion Poplawski
09:15 PM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out
I updated the patch which should deal with the auth failure. Marcos M
08:52 PM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out
As I noted, patching ovpn_auth_verify_async gave me auth failures. I could try it again an see if that is still the ... Orion Poplawski
06:06 PM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out
Orion Poplawski wrote in #note-13:
> FWIW - still present in 2.7.2 and 23.09.1.
Does the patch from #note-11 work ar... Marcos M
08:11 PM pfSense Packages Todo #15119: Update nut-devel version and update startup script
Ping Denny Page
06:09 PM pfSense Docs Todo #15215 (Resolved): Point the main gateways page to the general gateways doc
Change merged. Marcos M
05:47 PM pfSense Docs Todo #15215 (Resolved): Point the main gateways page to the general gateways doc
System > Routing > Gateways currently points to the individual gateway settings page - it should point to the general... Marcos M
05:50 PM Feature #15207: DynDNS - Missing update KEY
Jim Pingle wrote in #note-9:
> OK so all of that still points toward it needing a new client entry created so it nee... Matt Keys
04:37 PM Feature #15207: DynDNS - Missing update KEY
OK so all of that still points toward it needing a new client entry created so it needs to be treated as such. Please... Jim Pingle
04:20 PM Feature #15207: DynDNS - Missing update KEY
They have not shut down username password auth as mine is still operating. They have just added key auth. The reason ... Matt Keys
03:58 PM Feature #15207: DynDNS - Missing update KEY
Matt Keys wrote in #note-6:
> If I'm not mistaken it is the same service, just under a different domain name. Dyn wa... Jim Pingle
03:44 PM Feature #15207: DynDNS - Missing update KEY
Hi Jim,
If I'm not mistaken it is the same service, just under a different domain name. Dyn was acquired by Oracle... Matt Keys
03:05 PM Feature #15207: DynDNS - Missing update KEY
It wasn't clear except for one tiny spot on one screenshot that you meant "dyn.com", "DynDNS" is a generic term and w... Jim Pingle
02:55 PM Feature #15207: DynDNS - Missing update KEY
Dyn Update clients - https://help.dyn.com/update-clients/
Dyn.com portal https://account.dyn.com/
 Matt Keys
02:51 PM Feature #15207: DynDNS - Missing update KEY
Jim Pingle wrote in #note-2:
> Whatever service that is, it would need to be added as a supported provider and not b... Matt Keys
02:18 PM Feature #15207 (Incomplete): DynDNS - Missing update KEY
Whatever service that is, it would need to be added as a supported provider and not be handled via the custom option.... Jim Pingle
05:35 PM Bug #15214 (Resolved): Advanced rule options tooltip does not show negated Tag option
Marcos M
05:25 PM Bug #15214 (Waiting on Merge): Advanced rule options tooltip does not show negated Tag option
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1128 Marcos M
05:21 PM Bug #15214 (Resolved): Advanced rule options tooltip does not show negated Tag option
When hovering over the advanced options icon for a firewall rule, the popup shows @tagged <tag>@ even when the tag is... Marcos M
05:30 PM Revision 4e569a40: Show negate option in popup for advanced rule options. Fix #15214
While there, reoder the tag text to read closr to
how rules are processed. Marcos M
05:28 PM Revision 6727d199: Revert "Show negate option in popup for advanced rule options. Fix #15214"
This reverts commit e933a0230e366faa772686447b530a145af06acf. Marcos M
05:24 PM Revision e933a023: Show negate option in popup for advanced rule options. Fix #15214
While there, reoder the tag text to read closr to
how rules are processed. Marcos M
04:54 PM Feature #15213 (New): Dyn.com / dyndns - Update client auth mechanism update
Dyn.com Dynamic DNS service is missing key authentication mechanisms currently.
I am following the request for new... Matt Keys
04:42 PM Regression #15051: Host(s) Aliases using Domains fail to resolve
Steve Wheeler wrote in #note-7:
> Unable to replicate that in 23.09.1:
Thank you Steve, I have reinstalled 23.09.... John Smith
03:22 PM Regression #15051 (Not a Bug): Host(s) Aliases using Domains fail to resolve
Unable to replicate that in 23.09.1:... Steve Wheeler
04:33 PM Bootstrap Bug #5274: services_dyndns_edit.php existing password is not loaded/saved when editing
Steve Russell wrote in #note-7:
> Ugh, yes, you are correct Jim, thanks! Password manager was autofilling the passw... Jim Pingle
04:15 PM Bootstrap Bug #5274: services_dyndns_edit.php existing password is not loaded/saved when editing
Ugh, yes, you are correct Jim, thanks! Password manager was autofilling the password field with who knows what.
S... Steve Russell
02:31 PM Bootstrap Bug #5274: services_dyndns_edit.php existing password is not loaded/saved when editing
Steve Russell wrote in #note-5:
> Not sure if this should be a separate bug now, or when this came back, but this is... Jim Pingle
02:26 PM Bootstrap Bug #5274: services_dyndns_edit.php existing password is not loaded/saved when editing
Not sure if this should be a separate bug now, or when this came back, but this issue is present in 2.60 and 2.72. Steve Russell
04:09 PM pfSense Docs Todo #15212 (New): Feedback on pfSense® software Configuration Recipes — WireGuard Remote Access VPN Configuration Example
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-ra.html
*Feedback:*
See this discussion ab... Jim Kleckner
02:37 PM Bug #15210: Firewall Rules not deleting
I applied the rules after removing it. You can see in my screenshot, I even added a new rule to block port 80, to cou... Ricaardo Garcia
02:27 PM Bug #15210 (Not a Bug): Firewall Rules not deleting
You are either not applying the rules after editing or something is preventing the filter reload from completing whic... Jim Pingle
02:26 PM Feature #15209: Option to specify custom user home directory paths
There may be reasons to move it on some systems but this is meant to be a firewall appliance, not a general-purpose m... Jim Pingle
02:21 PM Feature #7943: Overflow scrolling for top navigation drop-down menus in Fixed mode
Updating subject for release notes. Jim Pingle
02:16 PM Todo #15188 (Resolved): Remove deprecated OpenVPN hardware crypto engine option
Jim Pingle
02:16 PM pfSense Plus Bug #15205 (Not a Bug): Changing a WAN type interface from DHCP to static IPv4 address causes WAN to appear in DHCP server configuration
This is normal and expected. Any static interface with a sufficient size subnet will appear in the DHCP server as an ... Jim Pingle
02:14 PM Feature #15203: Option to allow customized user home directory permissions to be preserved
The way the users are currently synchronized this type of action is made to ensure consistently and that the accounts... Jim Pingle
02:11 PM pfSense Packages Feature #15199 (Rejected): Unable to add user defined options to /etc/ssh/sshd_config due to its dynamic nature and no UI to add additional configuration options
The @sshd_extra@ file method is there for customizing directives. It was added for the sshdcond package but that pack... Jim Pingle
02:03 PM Feature #15201 (Rejected): Unified mechanism for update notifications
All things that have come up before and are either already part of longer term plans or decided against. Jim Pingle
02:03 PM pfSense Docs New Content #15200 (Rejected): usermanager privileges have ZERO documentation on the "User - System: Copy files to home directory (chrooted scp)" privileges setting/setup
That's a deliberate choice. The firewall is not meant to be a general-purpose file server with access handed out free... Jim Pingle
02:00 PM pfSense Packages Feature #15198 (Rejected): System_Patches package should advertize on the dashboard, or send notifications, if there are recommended patches available
This has been asked and answered before, tl;dr: Not going to happen. New patches come with new versions of the packag... Jim Pingle
11:58 AM Bug #15211 (Closed): tcpdump run with BIOS hardware clock set, but no on environment system time
Brilliant pfSense Stuff!
*Please fix* :
tcpdump could be run with TZ (Time Zone) set in the whole system environ... Sergei Shablovsky

01/28/2024

09:09 PM Regression #15051: Host(s) Aliases using Domains fail to resolve
Marcos M wrote in #note-5:
> It may be best to troubleshoot/discuss further on the forums to narrow down the issue g... John Smith
09:01 PM Regression #15051 (Incomplete): Host(s) Aliases using Domains fail to resolve
It may be best to troubleshoot/discuss further on the forums to narrow down the issue given that we cannot reproduce it. Marcos M
05:08 PM Regression #15051: Host(s) Aliases using Domains fail to resolve
Marcos M wrote in #note-3:
> > Aka google.com in an alias, all clients going to google.com should be diverted from WA... John Smith
05:05 PM Regression #15051 (Not a Bug): Host(s) Aliases using Domains fail to resolve
> Aka google.com in an alias, all clients going to google.com should be diverted from WAN to OpenVPN for that domain,... Marcos M
02:30 AM Regression #15051: Host(s) Aliases using Domains fail to resolve
Danilo Zrenjanin wrote in #note-1:
> I couldn't confirm that behavior on the 23.09.1 pfSense Plus release.
Hey Dani... John Smith
08:58 PM Feature #10271 (Feedback): Large number of VLAN/LANs make "Interfaces" menu hard to access
With the overflow fix in, handling this likely requires a longer-term general UX change. Marcos M
06:47 PM Feature #10271: Large number of VLAN/LANs make "Interfaces" menu hard to access
As far as I understand it is not a duplicate. The other linked topic talks about the problem with the top menubar bei... Jens Groh
04:52 PM Feature #10271 (Duplicate): Large number of VLAN/LANs make "Interfaces" menu hard to access
Marcos M
07:26 PM Bug #15210: Firewall Rules not deleting
I have an issue where I believe it may be a bug in the WebGUI for the firewall filters. I previously created a filter... Ricaardo Garcia
07:17 PM Bug #15210 (Not a Bug): Firewall Rules not deleting
I have an issue where I believe it may be a bug in the WebGUI for the firewall filters. I previously created a filter... Ricaardo Garcia
05:21 PM Feature #15209 (New): Option to specify custom user home directory paths
There are plenty of reasons not to have a home directory in /home/username
There should be the option of specifyin... Ronald Antony
04:55 PM Feature #7943: Overflow scrolling for top navigation drop-down menus in Fixed mode
Applied in changeset commit:79025bde07a7c9f9b4d6d80be3c2efca9f1bd2c4. Marcos M
04:51 PM Feature #7943 (Feedback): Overflow scrolling for top navigation drop-down menus in Fixed mode
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1127
The CSS fix works for Firefox / Chromium, desktop... Marcos M
04:46 PM Revision 79025bde: Add scroll when nagivating menus overlfow. Fix #7943
Marcos M
04:27 PM Bug #15194 (Incomplete): PHP Fatal error in easyrule CLI
I was not able to reproduce this. The error points to an issue writing the backup cache:... Marcos M
03:45 PM Bug #15146: Outbound NAT rules need re-applied after restore in different hardware
This may have been an indirect result of #15197 Marcos M
03:42 PM Regression #15206 (Resolved): Deleting OpenVPN server or client on 24.03 release gives an error
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1126 Marcos M
06:13 AM Regression #15206 (Resolved): Deleting OpenVPN server or client on 24.03 release gives an error
Attempt delete OpenVPN server or client on 24.03 release gives an error.
24.03-DEVELOPMENT (amd64)
built on Fri Jan... aleksei prokofiev
03:40 PM Revision e022d8cd: Use the correct function parameters. Fix #15206
Marcos M
03:30 PM Feature #855 (Feedback): Ability to selectively kill states on gateway recovery
Applied in changeset commit:30d46b63834444e9a7a4af310a5d8aaf94baf01a. Marcos M
03:30 PM Bug #12920 (Feedback): Gateway behavior differs when the gateway does not exist in the configuration
Applied in changeset commit:17e64d8dc879e2282a95291621f4192f841f6cc5. Marcos M
03:30 PM Bug #12942 (Feedback): Code to kill states for old gateway when reconnecting an interface is incorrect
Applied in changeset commit:b4df50f412a219e7c58563adb47fe1eabb2c405f. Marcos M
03:21 PM pfSense Docs New Content #15208 (Resolved): Document the new gateway recovery state killing feature
Feature details here:
https://redmine.pfsense.org/issues/855 Marcos M
03:18 PM Revision 30d46b63: Kill states on gateway failover recovery. Implement #855
Marcos M
03:18 PM Revision 17e64d8d: Sync generated gateways to config. Fix #12920
Marcos M
03:18 PM Revision b4df50f4: Remove old state killing colde. Fix #12942
For rc.newwanip, it's redundant to kill specific states before killing
all states. For ppp-linkup, state killing is a... Marcos M
01:13 PM Feature #15207: DynDNS - Missing update KEY
!
!clipboard-202401280813-wtbis.png!
! Matt Keys
12:55 PM Feature #15207 (Incomplete): DynDNS - Missing update KEY
I apologize if this has already been reported, or already exists as a feature request. I did search previous to post,... Matt Keys
07:39 AM Bug #14919: OpenVPN forms invalid ``route`` statements for empty local networks
Tested on
24.03-DEVELOPMENT (amd64)
built on Fri Jan 26 9:00:00 MSK 2024
FreeBSD 15.0-CURRENT
The issue still p... aleksei prokofiev
05:04 AM Bug #15178: ACB (autoconfig backup) restore always returns could not decrypt despite proper password
Tested on
24.03-DEVELOPMENT (amd64)
built on Wed Jan 17 6:00:00 UTC 2024
FreeBSD 15.0-CURRENT
I am unable to ... aleksei prokofiev
04:55 AM Todo #15188: Remove deprecated OpenVPN hardware crypto engine option
Tested on
23.09.1-RELEASE (amd64)
built on Wed Dec 20 21:27:00 MSK 2023
FreeBSD 14.0-CURRENT
24.03-DEVELOPMENT... aleksei prokofiev
02:41 AM pfSense Plus Bug #14401: Changing from Switchport to Discrete Interface in VGA/Serial Console Breaks Port Status Monitoring
possibly related? https://redmine.netgate.com/issues/12480 Jordan G
02:24 AM pfSense Plus Bug #14894: Password protected console login prompt does not render properly on 4100/6100/8200 serial console
seems present on ARM-based as well, when connecting with 1100 console, this is all we see of the first line after con... Jordan G
02:10 AM pfSense Plus Bug #15205 (Not a Bug): Changing a WAN type interface from DHCP to static IPv4 address causes WAN to appear in DHCP server configuration
WAN interface currently using IPv4 DHCP type address, switch this interface to static, enter IP, create gateway, save... Jordan G
01:30 AM Feature #15204 (New): pfSense email notification: support STARTTLS without authentication
According to the NET_SMTP documentation (https://github.com/pear/Net_SMTP):... Craig Coonrad
01:23 AM pfSense Packages Bug #15190 (Pull Request Review): PHP error from RRD Graphs when resolution is null
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/385 Christopher Cope
01:08 AM Feature #15203 (New): Option to allow customized user home directory permissions to be preserved
It is well intentioned and improves system security in general, that proper home directory ownerships are maintained.... Ronald Antony
12:30 AM Bug #15195: PHP error if config contain <ppps></ppps> empty tag
Lev Prokofev wrote:
> The error occurs on boot if the config containing <ppps></ppps>
>
> tested on
>
>
>
... Kris Phillips
12:28 AM Bug #14996: Kea DHCP PHP error from WINS server value
Jared Hendrickson wrote in #note-2:
> I opened a PR this morning that contains a fix for this: https://github.com/pfs... Kris Phillips
12:21 AM Bug #12774: Picture widget image is not saved in backup
Ronald Antony wrote in #note-6:
> Viktor Gurov wrote in #note-3:
> > But we can only backup image data if the "Incl... Kris Phillips

01/27/2024

11:51 PM pfSense Packages Bug #15190: PHP error from RRD Graphs when resolution is null
More information: The code is being hit when using the custom Time Period. The code attempts to subtract the resoluti... Christopher Cope
11:34 PM Bug #15122: PHP errors in LDAP server prevent it from falling back to Local Database
Danilo Zrenjanin wrote in #note-4:
> The firewall couldn't reach the LDAP server and I couldn't replicate that on 23... Christopher Cope
02:34 PM Bug #15122: PHP errors in LDAP server prevent it from falling back to Local Database
The firewall couldn't reach the LDAP server and I couldn't replicate that on 23.09.1.
Is there any specifically w... Danilo Zrenjanin
11:08 PM Feature #855: Ability to selectively kill states on gateway recovery
Henniee Walterson wrote in #note-26:
> it might be useful to implement the recover state killing in the gateway sect... Alex Viper_Rus
10:32 PM pfSense Packages Feature #15199: Unable to add user defined options to /etc/ssh/sshd_config due to its dynamic nature and no UI to add additional configuration options
So, looking at */etc/sshd* I find this section:... Ronald Antony
09:36 PM pfSense Packages Feature #15199 (Rejected): Unable to add user defined options to /etc/ssh/sshd_config due to its dynamic nature and no UI to add additional configuration options
In order to run a user with scponly privileges
(see: https://forum.netgate.com/topic/185794/there-s-absolutely-no-u... Ronald Antony
10:28 PM pfSense Plus Bug #15202 (New): Add Option for Network Portion of Subnet "Wildcard" for IPv6 Rules
Filtering hosts with IPv6 is extremely difficult when utilizing an upstream provider that is providing a Prefix Deleg... Kris Phillips
10:04 PM Bug #12774: Picture widget image is not saved in backup
Viktor Gurov wrote in #note-3:
> But we can only backup image data if the "Include extra data" option is checked.
... Ronald Antony
10:00 PM Feature #15201 (Rejected): Unified mechanism for update notifications
It would be nice if there were a unified mechanism of notifying admins of
- updates to the base system
- updates to... Ronald Antony
09:44 PM pfSense Docs New Content #15200 (Rejected): usermanager privileges have ZERO documentation on the "User - System: Copy files to home directory (chrooted scp)" privileges setting/setup
The manual section which should have this documented, is glaringly empty:
https://docs.netgate.com/pfsense/en/late... Ronald Antony
09:29 PM pfSense Packages Feature #15198 (Rejected): System_Patches package should advertize on the dashboard, or send notifications, if there are recommended patches available
As non-full-time sysadmin, not only do I not regularly monitor the dashboard, I do even less regularly (read: never) ... Ronald Antony
07:55 PM Regression #15197 (Feedback): Outbound NAT rules using an alias without a matching address family create unexpected PF rules
Applied in changeset commit:4f90b67bb214521e5fc554fa24e97a0b283ad8c3. Marcos M
07:40 PM Regression #15197 (Waiting on Merge): Outbound NAT rules using an alias without a matching address family create unexpected PF rules
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1125 Marcos M
07:20 PM Regression #15197 (Resolved): Outbound NAT rules using an alias without a matching address family create unexpected PF rules
Create an Outbound NAT rule with:
- @Do not NAT@ checked
- @IPv4+IPv6@ for address family
- Source @<interface> su... Marcos M
07:53 PM Bug #12920 (Pull Request Review): Gateway behavior differs when the gateway does not exist in the configuration
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1124
This change makes sure gateways are added to the co... Marcos M
07:43 PM Feature #15183: Add per-rule option to set PF State Policy (if-bound vs floating)

Firewall State Policy option is added:
pfctl -sr results:
+interface bound state:+
pass in quick on em0 r... Alhusein Zawi
07:39 PM Revision 4f90b67b: Check for empty hosts when generating outbound NAT rules. Fix #15197
Make sure that there's a valid host when calling
filter_nat_rules_generate_if() and add missing new lines. Marcos M
07:37 PM Bug #11418 (Resolved): 'NAT-T: Force' is broken for IPv6 IPsec
Tested on 24.03-DEVELOPMENT (built on Fri Jan 26 9:00:00 MSK 2024)
There is no any issue with 'NAT-T: Force'. I wa... Azamat Khakimyanov
12:44 PM Regression #14078: Traffic graph shows half actual throughput when switching back to the graph
As I mentioned in the related Redmine, the issue is still present and I need to run with my local fix Patrik Stahlman
11:57 AM Regression #14078: Traffic graph shows half actual throughput when switching back to the graph
Related to https://redmine.pfsense.org/issues/14933 Danilo Zrenjanin
11:55 AM Regression #14078 (Feedback): Traffic graph shows half actual throughput when switching back to the graph
I can not reproduce this on 23.09.1.
Google Chrome for MacOS.
The download speed in the /status_graph.php remains ... Danilo Zrenjanin
12:39 PM Bug #14933: Traffic Graph widget displays bandwidth usage values which are half the actual usage amount
This problem is still reproducable for me on pfSense Plus 23.09.1-RELEASE. It might not happen every time you switch ... Patrik Stahlman
12:09 PM Bug #14933: Traffic Graph widget displays bandwidth usage values which are half the actual usage amount
Related to https://redmine.pfsense.org/issues/14078 Danilo Zrenjanin
12:09 PM Bug #14933 (Feedback): Traffic Graph widget displays bandwidth usage values which are half the actual usage amount
I can not reproduce this behavior on 23.09.1.
Google Chrome for MacOS.
The download speed in the widget remain... Danilo Zrenjanin
04:03 AM Feature #8794: NTP authentication support
@Marcos M
Is there something I need to do to get this merged? The PR still has the changes requested label applied e... Matthew Ray
01:01 AM pfSense Plus Bug #15196 (Not a Bug): AWS ena interfaces can become unstable/stop responding
On AMD Epyc hardware in AWS, pfSense Plus ena interfaces can lose their IP addressing and then stop responding entire... Kris Phillips

01/26/2024

07:41 PM pfSense Docs Correction #14143 (Closed): Feedback on System Monitoring — Remote Logging with Syslog
Updated and deployed: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/79919a2075edcf6a5627b3099cc2471a76893673 Jim Pingle
07:28 PM pfSense Docs New Content #15150 (Resolved): Update IPsec Terminology Differences
Added: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/93f807abb3dcb4c330f9866566555deabf1cc577 Jim Pingle
07:15 PM pfSense Docs Todo #15014 (Rejected): Feedback on Configuration — Advanced Configuration Options — Firewall
We still set the default at 400000 in the default @config.xml@, so the docs are still correct:... Jim Pingle
06:41 PM pfSense Docs Correction #15075 (Closed): Changing MSS for IPsec
I updated the menu location for the option: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/14d49c53df3133db0f6... Jim Pingle
06:35 PM pfSense Docs New Content #15192 (Closed): Document new Speed Shift functionality
Added and deployed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/7f8a91bb44b671a70f5696513bd8cd11dff487c7... Jim Pingle
05:15 PM Bug #14996: Kea DHCP PHP error from WINS server value
I opened a PR this morning that contains a fix for this: https://github.com/pfsense/pfsense/pull/4667 Jared Hendrickson
03:04 PM Bug #15195 (Duplicate): PHP error if config contain <ppps></ppps> empty tag

The error occurs on boot if the config containing <ppps></ppps>
tested on ... Lev Prokofev
02:31 PM Bug #15194 (Incomplete): PHP Fatal error in easyrule CLI
Running "easyrule block wan 1.0.152.114" via ssh caused an error.
It looks like it's a problem in backup_config().
... David Johnston
02:22 PM Regression #15152: Systems with low RAM fail to upgrade to 24.03
Something else I may have narrowed down is that in each case it appears to only be dbus that's failing this. It's dbu... Jim Pingle
01:23 PM Feature #7943: Overflow scrolling for top navigation drop-down menus in Fixed mode
The primary reason this hasn't seen any traction is because it's only a problem for users who have opted into the non... Jim Pingle
01:13 PM Feature #7943: Overflow scrolling for top navigation drop-down menus in Fixed mode
Hello,
while this can seem like a trivial issue for some, usability and accesibility are important aspects of any ... Patrik Stahlman
01:18 PM Feature #10271: Large number of VLAN/LANs make "Interfaces" menu hard to access

This issues has also been reported here: https://redmine.pfsense.org/issues/7943 and includes a simple change until... Patrik Stahlman
09:08 AM Bug #15187: OpenVPN client addresses unreachable despite all rules in place and tunnel being up
As far as I can tell we've exhausted all the options. The routes are correct. the firewall rules allow the traffic. ... Roland Giesler

01/25/2024

08:58 PM pfSense Docs New Content #15193 (Closed): Add documentation for new State Policy options
In #15173 we added a global option to change the default state policy to be interface-bound instead of floating. The ... Jim Pingle
08:53 PM pfSense Docs New Content #15192 (Closed): Document new Speed Shift functionality
We added support for Intel Speed Shift in 23.09/2.7.1 and it needs added to the documentation. See #14047 for details... Jim Pingle
08:49 PM pfSense Docs New Content #15191 (Closed): Document new Packet Flow Data functionality (Plus Only)
Create documentation for the new pflow/Packet Flow Data functionality added to Plus for 24.03.
See #15039 for deta... Jim Pingle
07:31 PM Feature #15189 (Needs Patch): Firewall Rule Tracer
This has come up before and it's not feasible until/unless PF itself has a test function internally to run such a tra... Jim Pingle
07:13 PM Feature #15189 (Needs Patch): Firewall Rule Tracer
Requesting a Feature popular on successful commercial platforms to improve the viability of PFSense for larger more c... Justin Radke
07:30 PM Todo #15188 (Feedback): Remove deprecated OpenVPN hardware crypto engine option
Applied in changeset commit:7983c2dd617dcc7684b8ed871f463459e640cf34. Jim Pingle
06:54 PM Todo #15188 (Resolved): Remove deprecated OpenVPN hardware crypto engine option
There is an option in the OpenVPN client/server configuration (and wizard) which sets a hardware crypto engine for Op... Jim Pingle
07:26 PM pfSense Packages Bug #15190 (Resolved): PHP error from RRD Graphs when resolution is null
Happens on... Christopher Cope
07:12 PM Bug #15185: Problem with Widgets OpenVPN in Pfsense 2.7.2 after upgrade
We have been using Pfsense platform for eight yers now and the more Certificates per User we have the more slowly Wid... Przemyslaw Przybyl
06:54 PM Revision 7983c2dd: Remove OpenVPN engine option. Implements #15188
It's been non-functional for years and is only confusing users now. Jim Pingle
05:30 PM Feature #15183 (Feedback): Add per-rule option to set PF State Policy (if-bound vs floating)
Applied in changeset commit:22de584bd0a234e1c658e703098ea259058cc478. Jim Pingle
05:24 PM Feature #15183: Add per-rule option to set PF State Policy (if-bound vs floating)
Note when testing that the _OS_ default is @floating@, thus when inspecting rules output by @pfctl -sr@ the word "flo... Jim Pingle
02:21 PM Feature #15183 (In Progress): Add per-rule option to set PF State Policy (if-bound vs floating)
Jim Pingle
05:20 PM Revision 22de584b: Per-rule State Policy option. Implements #15183
Adds a setting in the advanced section when editing a firewall rule
which allows a rule to use a state policy that di... Jim Pingle
05:10 PM pfSense Packages Bug #14805: when I changed Endpoint ip via webgui, but wiregaurd still using old ip ruuning.
I couldn't recreate the behavior you're experiencing on the 23.09.1 pfSense Plus version.
Changing the Endpoint I... Danilo Zrenjanin
02:41 PM Regression #15152: Systems with low RAM fail to upgrade to 24.03
I'm seeing a similar failure though so far only on 1100.
There is a sysctl oid @vfs.tmpfs.memory_percent@ which al... Jim Pingle
02:12 PM Regression #15051: Host(s) Aliases using Domains fail to resolve
I couldn't confirm that behavior on the 23.09.1 pfSense Plus release.
Please see the screenshots below:
!clipb... Danilo Zrenjanin
01:52 PM pfSense Plus Feature #15186: Test DNS over TLS
Such a test wouldn't be ideal to mix in the settings since there are other required parts for that to work that aren'... Jim Pingle
01:46 PM Bug #15187 (Not a Bug): OpenVPN client addresses unreachable despite all rules in place and tunnel being up
I don't see anything in that thread that suggests it's a bug rather than a misconfiguration somewhere. Keep discussin... Jim Pingle
07:29 AM Bug #15187 (Not a Bug): OpenVPN client addresses unreachable despite all rules in place and tunnel being up
Refer to support ticket: https://forum.netgate.com/topic/185705/p2p-vpn-server-can-t-reach-client-but-client-can-reac... Roland Giesler
12:44 PM Bug #15176 (Resolved): Change Mobile IPsec RADIUS accounting to use ``accounting_requires_vip`` so accounting will not activate for non-mobile VPNs
Tested the patch against:... Danilo Zrenjanin

01/24/2024

11:57 PM pfSense Plus Feature #15186 (New): Test DNS over TLS
The ability to readily confirm TLS DNS would be established once saved. Jeff Kuehl
09:00 PM pfSense Plus Feature #15039: GUI to configure Packet Flow Data (``pflow``) export
Things to keep in mind when testing.
When _inactive_ (disabled or not yet applied):... Jim Pingle
08:47 PM pfSense Plus Feature #15039 (Feedback): GUI to configure Packet Flow Data (``pflow``) export
MR merged:
https://gitlab.netgate.com/pfSense/factory/-/commit/e755ceefc81c7942797459bc1fd6132343ec2cfc
New fil... Jim Pingle
08:56 PM pfSense Plus Feature #15038 (Closed): Operating System support for PF ``pflow`` packet data flow export
Looks good on current snapshots, everything appears to be working as expected.... Jim Pingle
08:52 PM Bug #15185 (Incomplete): Problem with Widgets OpenVPN in Pfsense 2.7.2 after upgrade
There isn't nearly enough information here to draw any conclusions and I can't reproduce it here.
Please post on t... Jim Pingle
10:46 AM Bug #15185 (Incomplete): Problem with Widgets OpenVPN in Pfsense 2.7.2 after upgrade

After Upgrade with 2.7.0 to 2.7.1 next to 2.7.2.
Widgets OpenVPN - Servers, OpenVPN - Clients, OpenVPN - Client ... Przemyslaw Przybyl
05:22 PM Bug #11418 (Feedback): 'NAT-T: Force' is broken for IPv6 IPsec
24.03 will have the upstream fixes - this can be tested currently in 24.03 dev snapshots. Marcos M
04:32 PM Bug #13934 (Closed): Killing states by gateway can miss some IPv6 outbound states
This will need to be handled with custom floating rules. With the proposed change, the route-to rules for secondary W... Marcos M
04:15 PM Bug #14386: ``openvpn.auth-user.php`` gets stuck at 100% CPU usage when RADIUS authentication times out
FWIW - still present in 2.7.2 and 23.09.1. Orion Poplawski
10:19 AM Bug #15156: Fragmented packets delayed by limiters are lost
The expected flow here is that the fragmented packets arrive, get passed through the inbound (pf_test(PF_IN)) test, r... Kristof Provost
07:31 AM Bug #15156: Fragmented packets delayed by limiters are lost
There's a clue in the last dtrace that's backed up by the pf debug output in dmesg:... Kristof Provost
12:15 AM Bug #15180: Web UI sort order not maintained after auto refresh
Jim Pingle wrote in #note-3:
> The table sorting is all client side in JavaScript and it has no persistence. There i... James Garrison

01/23/2024

09:11 PM pfSense Plus Feature #15039 (Pull Request Review): GUI to configure Packet Flow Data (``pflow``) export
MR: https://gitlab.netgate.com/pfSense/factory/-/merge_requests/117
 Jim Pingle
08:49 PM Bug #11418: 'NAT-T: Force' is broken for IPv6 IPsec
FYI: Wiktel and MICE (https://micemn.net) sponsored work by Klara (https://klarasystems.com), who landed a patch in F... Richard Laager
05:00 PM Bug #15156: Fragmented packets delayed by limiters are lost
attached is requested info from todays diagnostic session
dtraces taken specifically during the calls
pipe info irrel... Georgiy Tyutyunnik
10:36 AM Todo #15184 (New): Change hint text in "Remote Log Servers" to reflect actual possible entry
Dear pfSense Dev Team!
On a page
*Status / System Logs / Settings*
Section
" *Remote Logging Option* "
UI Ele... Sergei Shablovsky

01/22/2024

11:45 PM pfSense Plus Feature #15038 (Feedback): Operating System support for PF ``pflow`` packet data flow export
The signed vs. unsigned issue will be fixed in the next snapshot.
The issue in comment 8 is actually expected beha... Kristof Provost
04:26 PM pfSense Plus Feature #15038: Operating System support for PF ``pflow`` packet data flow export
Per Kristof, the above was an output printing issue in @pflowctl@ and it was correct internally. That will be fixed s... Jim Pingle
03:13 PM pfSense Plus Feature #15038 (In Progress): Operating System support for PF ``pflow`` packet data flow export
After testing a bit I discovered what might be a minor issue.
Not that I expect anyone to need to go this high, bu... Jim Pingle
02:39 PM pfSense Plus Feature #15038 (Feedback): Operating System support for PF ``pflow`` packet data flow export
Module is present now on latest build (24.03.a.20240122.0600) and loads OK.
Had a weird glitch once where I couldn... Jim Pingle
08:31 PM pfSense Packages Feature #14633: Cleanup states on dynamic routing changes
Jim Pingle wrote in #note-2:
> At the moment the FreeBSD port does not appear to build FRR with @--enable-scriptin... Henniee Walterson
03:51 PM pfSense Packages Feature #14633 (Feedback): Cleanup states on dynamic routing changes
I believe #15173 may help here since states would no longer match on the old interface after a routing change. It sho... Marcos M
07:26 PM Feature #13894 (Resolved): Explicitly enable/disable DHCP Dynamic DNS updates in each scope
Marcos M
07:23 PM Bug #14290 (Feedback): ICMPv6 Path MTU Discovery breaks with NPT
Marcos M
07:01 PM Bug #13934 (Pull Request Review): Killing states by gateway can miss some IPv6 outbound states
Marcos M
06:53 PM Bug #12942 (Pull Request Review): Code to kill states for old gateway when reconnecting an interface is incorrect
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1124 Marcos M
06:33 PM Feature #13844: Make RADIUS Start/Stop accounting immediately log off a user that exceeds quota when reauthentication is disabled
As per comment in #13843, please include multiuser, parallel, simultaneous logins, cumulative when calculating totals... Dale Harron
06:29 PM Feature #13843: Add ability to properly configure RADIUS captive portal user quotas of 4096MB or more
When implementing this feature, please support multi-user logins, including parallel user sessions that have been sta... Dale Harron
06:25 PM Regression #15170 (Closed): webConfigurator IPv6 resolver syntax change
Chris Linstruth
06:25 PM Regression #15170: webConfigurator IPv6 resolver syntax change
Looks good on Jan 22 build. Thanks. Chris Linstruth
05:46 PM pfSense Plus Todo #15164 (Resolved): Add ZFS Boot Environment list to status output
Jim Pingle
05:44 PM pfSense Plus Todo #15164 (Confirmed): Add ZFS Boot Environment list to status output
Confirmed working in 24.03.a.20240122.0600. Craig Coonrad
05:24 PM pfSense Packages Todo #15119: Update nut-devel version and update startup script
Okay, can we go ahead and push this into prod please? I've had users testing builds that I produced from FreeBSD port... Denny Page
03:59 PM pfSense Packages Todo #15119: Update nut-devel version and update startup script
There was an issue with the previous MRs - they seemed to be missing additional commits which caused some build failu... Marcos M
04:27 PM Feature #15183 (Resolved): Add per-rule option to set PF State Policy (if-bound vs floating)
Now that #15173 is in place it would be helpful to have a per-rule option to set state policy between default, if-bou... Jim Pingle
03:53 PM Feature #855 (Pull Request Review): Ability to selectively kill states on gateway recovery
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1124
https://redmine.pfsense.org/issues/15208 Marcos M
02:48 PM pfSense Plus Feature #15039 (In Progress): GUI to configure Packet Flow Data (``pflow``) export
Jim Pingle
01:05 PM Bug #15180 (Not a Bug): Web UI sort order not maintained after auto refresh
The table sorting is all client side in JavaScript and it has no persistence. There is no way for it to remember anyt... Jim Pingle
12:57 AM Bug #15180: Web UI sort order not maintained after auto refresh
Can confirm in 23.09.1
Seems to happen with any table that automatically updates, the table updates with the defau... dylan mendez
01:04 PM Feature #15179 (Rejected): Pre-set “error” in “Advanced Log Filter” in Status / System Logs
Not everything that's a problem contains the string "error" nor does every string that contains "error" mean it's a p... Jim Pingle
03:48 AM pfSense Packages Bug #15182: Changing backend port - status remains down
The workaround is to delete the backend server and recreate Mike Moore
03:44 AM pfSense Packages Bug #15182 (Confirmed): Changing backend port - status remains down
I noticed that if you enable basic health checks on a backend server, in my example port 443 the health check succeed... Mike Moore
01:08 AM Bug #15181: PHP error in ``interfaces_qinq_edit.php`` when creating a QinQ interface
dylan mendez wrote in #note-1:
> Can you please share your pfSense version as well as specific VLAN IDs you're using... Jens Becker
01:02 AM Bug #15181: PHP error in ``interfaces_qinq_edit.php`` when creating a QinQ interface
Created two QinQ interfaces on two different interfaces, no issue. 23.09.1
Can you please share your pfSense versi... dylan mendez

01/21/2024

10:30 PM Bug #15181 (Resolved): PHP error in ``interfaces_qinq_edit.php`` when creating a QinQ interface
When creating a new QinQ interface on /interfaces_qinq_edit.php it throws this error:... Jens Becker
08:00 PM Bug #15180: Web UI sort order not maintained after auto refresh
I can confirm the same issue on pf Plus version 23.09.1, so effects both CE and Plus. Ethan Word
05:55 PM Bug #15180 (Not a Bug): Web UI sort order not maintained after auto refresh
When I select a sort column in any display that refreshes, the sort order reverts to the default when the display ref... James Garrison
04:21 AM pfSense Packages Feature #15107: An option to disable routes
Hey Kris,
The scenario is using wireguard with FRR , bgp in my case.
As i am getting routes from a remote gateway i... Mike Moore
04:08 AM pfSense Packages Feature #15107: An option to disable routes
Mike Moore wrote:
> When using Wireguard with FRR (dynamic routing) there needs to be an option to select 'Disable ro... Kris Phillips
04:15 AM Feature #13293: Option to set auth-gen-token in OpenVPN GUI
Marcos M wrote in #note-2:
> It's unclear if the concerns mentioned on the following link have been addressed - best... Kris Phillips
04:03 AM pfSense Packages Bug #15172: Tailscale interface goes down without reason
I suspect this is because Service Watchguard is watching for the Tailscale service to crash, not for a tunnel to drop... Kris Phillips
04:01 AM Bug #15178: ACB (autoconfig backup) restore always returns could not decrypt despite proper password
Tested on 24.03, I'm getting a different error:
The following input errors were detected:
SHA256 values do ... Kris Phillips
02:30 AM Feature #15179: Pre-set “error” in “Advanced Log Filter” in Status / System Logs
Again one time to explain main idea:
*Just pre-set txt field, but not filtering automatically*
So Admin choose ... Sergei Shablovsky
02:24 AM Feature #15179: Pre-set “error” in “Advanced Log Filter” in Status / System Logs
This about “Message” Filter field in follow section:
System / General
System / Gateways
System / Routings
Sys... Sergei Shablovsky
02:00 AM Feature #15179 (Rejected): Pre-set “error” in “Advanced Log Filter” in Status / System Logs
Dear pfSense Team!
Generally and mostly System Logs section used by FW admins:
- on initial stage of pfSense impl... Sergei Shablovsky
01:12 AM Feature #11047: Add Encryption Password suggestions and Restriction
Sergei Shablovsky wrote in #note-3:
> Jim Pingle wrote in #note-2:
> > That is way too much text to add to the GUI.... Sergei Shablovsky

01/20/2024

10:34 PM Bug #15178 (Resolved): ACB (autoconfig backup) restore always returns could not decrypt despite proper password
ACB restore, using the proper password will permit viewing the encrypted and decrypted configuration, but either usin... Jordan G
09:27 PM Feature #14165: Option to allow the DNS Forwarder to ignore system DNS servers

option is added
2.8.0.a.20240119.0600 Alhusein Zawi
06:06 PM Feature #13340: Option to change QinQ ethertype to Service VLAN Tag
> We faced this issue in our recent 2.6 -> 2.7 upgrade and thank you for posting this! Saved our butts. Whats the mos... Grant Emsley
03:30 PM pfSense Packages Feature #15177 (New): Add an option to choose an interface that the Tailscale will use for connecting to the Login Server
Currently, it is not possible to specify the interface that the Tailscale service will use to connect to the Login Se... Danilo Zrenjanin
03:07 PM pfSense Packages Regression #14043 (Resolved): Netgate Firmware Upgrade fails to mount EFISYS
Tested the upgrade on 6100 from:... Danilo Zrenjanin
12:46 PM Bug #15171 (Resolved): Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
Tested the patch against:... Danilo Zrenjanin
07:45 AM pfSense Packages Bug #14566 (Confirmed): Softlflowd package don't send ICMP flows
I can confirm this behavior, package ver. v.1.2.6_1 tested on ... Lev Prokofev
03:44 AM Feature #855 (In Progress): Ability to selectively kill states on gateway recovery
Marcos M

01/19/2024

10:42 PM pfSense Plus Feature #15038: Operating System support for PF ``pflow`` packet data flow export
I forgot to include the module in the image in cross build. That's done now, so the next build will have it. Kristof Provost
04:12 PM pfSense Plus Feature #15038 (In Progress): Operating System support for PF ``pflow`` packet data flow export
On 24.03.a.20240117.0600 which should be after this was merged, @pflowctl@ complaints that @pflow.ko@ is not loaded, ... Jim Pingle
05:25 PM Bug #15176 (Feedback): Change Mobile IPsec RADIUS accounting to use ``accounting_requires_vip`` so accounting will not activate for non-mobile VPNs
Applied in changeset commit:7caf3483ce5ba971ecfe7c8d04fbbfe60f3fbca1. Jim Pingle
05:09 PM Bug #15176 (Resolved): Change Mobile IPsec RADIUS accounting to use ``accounting_requires_vip`` so accounting will not activate for non-mobile VPNs
At some point strongSwan's @eap-radius@ plugin gained a setting called @accounting_requires_vip@ which makes strongSw... Jim Pingle
05:14 PM Revision 7caf3483: Fix RA IPsec EAP-RADIUS accounting. Fixes #15176
Set the flag which only activates accounting for connections with VIPs
which will restrict accounting to only mobile ... Jim Pingle
02:46 PM Feature #11556: Kill states using the pre-NAT address
It is killing the LAN side but not the WAN side.
It was an ssh session on a rule with a schedule.
When the sche... Chris Linstruth
02:08 PM Feature #11556: Kill states using the pre-NAT address
Hi Chris,
It's not clear to me what the problem is in comment 9. Is that state not getting killed when you'd expec... Kristof Provost
11:11 AM Feature #855: Ability to selectively kill states on gateway recovery
it would be useful if vpn connections were also reconnected via the restored gateway
 Alex Viper_Rus
10:41 AM Feature #855: Ability to selectively kill states on gateway recovery
it might be useful to implement the recover state killing in the gateway section too.
(@ "State Killing on Gateway Fa... Henniee Walterson
07:58 AM Bug #15171: Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
Jim Pingle wrote in #note-3:
> How are these entries being deleted exactly? Using the trash can at the end of a row,... Danilo Zrenjanin
02:53 AM pfSense Docs New Content #15175 (New): add explicit license to pfSense documentation
Previous documentation hosted on GitHub repo was under a CC non-commercial license.
Since transitioning to the new... Hayden Mills

01/18/2024

09:37 PM Bug #15156: Fragmented packets delayed by limiters are lost
While we're gathering things let's also dump the dummynet pipe information:... Kristof Provost
07:12 PM Bug #15156: Fragmented packets delayed by limiters are lost
I'm still rather unclear on why this happens, and why I cannot reproduce fragmentation issues with dummynet pipes loc... Kristof Provost
08:55 PM Bug #15171 (Feedback): Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
Applied in changeset commit:48aea6ee7e03b5b7f49dd143bd1993d33ba74f5b. Jim Pingle
07:45 PM Bug #15171 (In Progress): Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
I managed to reproduce a couple different issues here.
The original problem seems to be isolated to only the per-r... Jim Pingle
03:41 PM Bug #15171 (Incomplete): Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
How are these entries being deleted exactly? Using the trash can at the end of a row, or by checking the box(es) at t... Jim Pingle
11:57 AM Bug #15171: Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
The IPsec config before removing the second Phase 1. ... Danilo Zrenjanin
11:46 AM Bug #15171 (Confirmed): Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
Tested against:... Danilo Zrenjanin
08:45 PM Revision 48aea6ee: IPsec P1/P2 delete corrections. Fixes #15171
Jim Pingle
08:39 PM pfSense Plus Bug #15103: Netgate Crypto ID missing in 23.09.01 after fresh firmware
I thought I would mention, I also have this issue in 23.09.1 that I just did a reinstall on. 23.09.1 is running on a... Jeff Kuehl
08:15 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound
A question for you, Christian. Does the DHCP change to KEA's code mean this is no longer a problem? Or are the notifi... Dennis Adler
07:25 PM Feature #13894 (Feedback): Explicitly enable/disable DHCP Dynamic DNS updates in each scope
Applied in changeset commit:fb04e80e014e4759215384054497268944535001. Marcos M
07:19 PM Revision fb04e80e: Explicitly set ddns-updates. Fix #13894
Marcos M
07:05 PM Todo #15173 (Feedback): Add global option to set default PF State Policy (if-bound vs floating)
Applied in changeset commit:7fedaae5775b9fb58dea7a71afce6d7c3ba062f9. Jim Pingle
05:21 PM Todo #15173: Add global option to set default PF State Policy (if-bound vs floating)
MR: https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1123 Jim Pingle
05:18 PM Todo #15173 (Resolved): Add global option to set default PF State Policy (if-bound vs floating)
PF now has an option to set the default state policy to either floating (the current PF and OS default) or interface-... Jim Pingle
06:56 PM Revision 7fedaae5: Add option to set State Policy. Implements #15173
Also changes default policy to if-bound. Jim Pingle
06:42 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT
We can work around the problem by having pf perform the packet-to-big check and generating the icmp6 too big error:
... Kristof Provost
06:27 PM Feature #15174 (New): missing ice driver (Intel E810 series NIC)

As suggested by stephenw10 in the forum [1] to open a feature request, I ask you kindly to add support for the Inte... Adrian Zaugg
12:44 PM Bug #15145 (Resolved): Unable to perform Packet Captures on a tailscale interface in GUI with default settings
Tested the patch against:... Danilo Zrenjanin
01:47 AM pfSense Packages Bug #15172 (New): Tailscale interface goes down without reason
Tailscale on pfSense 2.7.2-RELEASE (tailscale package v0.1.4 [tailscale-1.54.0])
On a VM (Proxmox v8.x (lastest wi... Carlos Montalvo J.

01/17/2024

11:02 PM Bug #14619: Rule separators are ordered incorrectly after removing rules in certain positions
This fixed my issues
I made the config.xml file like this, they had issues in 23.05.01 I think they caused the r... Jonathan Lee
10:47 PM Bug #15171 (Resolved): Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
when deleting p1 entry in ipsec, p2 entries below some totally unrelated p1 entry also being deletet
see reports a... Roland Kletzing
09:02 PM pfSense Plus Todo #15164 (Feedback): Add ZFS Boot Environment list to status output
Added to Plus:
https://gitlab.netgate.com/pfSense/factory/-/commit/3a52d6afc43efcd2e4166a7b23fd15aba6a33dff
 Jim Pingle
09:00 PM pfSense Plus Todo #15164 (In Progress): Add ZFS Boot Environment list to status output
Jim Pingle
07:35 PM pfSense Docs Todo #15161 (Closed): System --> Advanced --> Notifications --> Secure SMTP Connection
Notes should now match the observed behavior: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/3d5864f74ae50cf13... Jim Pingle
06:26 PM pfSense Docs Todo #15161: System --> Advanced --> Notifications --> Secure SMTP Connection
Are you attempting to use authentication? It works here when I use authentication on port 587 or 25 and "Enable SMTP ... Jim Pingle
07:29 PM Bug #15156: Fragmented packets delayed by limiters are lost
testing session with client 17.01:
calls had a big chance of success without limiters enabled for the rule on ix0.12... Georgiy Tyutyunnik
06:26 PM Bug #8313 (Not a Bug): STARTTLS auto detection not working
This has apparently been fixed upstream, STARTTLS works automatically for me on port 25 and 587 with auth configured ... Jim Pingle
05:10 PM Bug #15162: Adding Wake-On-LAN entry from ARP table view can incorrectly include OEM text in MAC address field
Though installing nmap activates the OUI info in the field, the code to handle that is not in the nmap package, but i... Jim Pingle
05:08 PM Bug #15167 (Not a Bug): OpenVPN Server can provide duplicate IP addresses to clients with a Client Override, including the first usable IP in the Network.
That is part of how OpenVPN operates. Addresses assigned via overrides are not reserved/kept from being allocated. Jim Pingle
05:07 PM pfSense Plus Feature #15168 (Rejected): Tracker ID as a column
Each redmine must only be a single request.
There is already a way to make a user read-only, there is a "deny conf... Jim Pingle
05:03 PM Bug #15108 (Resolved): ``pfctl`` is unable to retrieve state creator list in certain circumstances
Given that we can't reproduce it there isn't a good way to verify the fix, so we can close this out for now. If we ge... Jim Pingle
05:00 PM Feature #855: Ability to selectively kill states on gateway recovery
would be a charm like this...
love my paint :-) Henniee Walterson
04:46 PM Feature #855 (Assigned): Ability to selectively kill states on gateway recovery
Marcos M
04:36 PM Bug #15157 (Incomplete): PHP error when generating a notification after detecting a malformed configuration
... Jim Pingle
03:21 PM Regression #15170 (Resolved): webConfigurator IPv6 resolver syntax change
Fixed in commit:cb77811ae6aad6d69abefcdb61e84a16a2ff4178. Marcos M
02:29 PM Regression #15170 (Closed): webConfigurator IPv6 resolver syntax change
It looks like a webconfigurator line like this:... Chris Linstruth
03:20 PM Revision cb77811a: Add brackets to returned IPv6 nameservers. Fix #15170
Marcos M

01/16/2024

10:00 PM Bug #13413 (Feedback): Some messages presented to users contain relative links to pages which may be invalid when triggered from certain packages
Applied in changeset commit:b505dae3a3accf4757d3b617e91a60f987d35841. Christopher Cope
09:53 PM Revision b505dae3: Use absolute links in GUI info messages. Fixes #13413
Christopher Cope
09:50 PM Bug #15145 (Feedback): Unable to perform Packet Captures on a tailscale interface in GUI with default settings
Applied in changeset commit:2adf7b8cde44a8e2f0f0cbb2a7f6c360e3bf4050. Christopher Cope
09:48 PM Revision e6a751da: Detect OCI platform
Steve Wheeler
09:42 PM Revision 2adf7b8c: Fix packet captures on tailscale. Fixes #15145
Christopher Cope
09:40 PM pfSense Plus Bug #15169 (Duplicate): Allowed IP Address does not control incoming speed in captive portal, PF Sense Plus Release 23.xx.x
Marcos M
09:30 PM pfSense Plus Bug #15169 (Duplicate): Allowed IP Address does not control incoming speed in captive portal, PF Sense Plus Release 23.xx.x
Hello engineers,
I would like to report a bug that has already been submitted and confirmed but only on the PF CE ... Zephan NLD
03:25 PM pfSense Plus Feature #15039: GUI to configure Packet Flow Data (``pflow``) export
The required OS code has been merged.
pflow configuration is done through `pflowctl`. Use `pflowctl -c` to create... Kristof Provost
03:20 PM pfSense Plus Feature #15038 (Feedback): Operating System support for PF ``pflow`` packet data flow export
I've merged the upstream pflow code. It'll be part of the next snapshot builds.
It includes support for netflow v5... Kristof Provost
02:13 PM Feature #13294: Change gateway name
I'd like to upvote this enhancement (or whatever the process is). Not being able to rename gateways is quite inconven... Chris Jenkins
12:51 PM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT
I believe I've reproduced this. It looks like the problem is in the icmp6_error() code, which tries to do a route loo... Kristof Provost
11:17 AM Feature #855: Ability to selectively kill states on gateway recovery
+1!
Same problem with multi-path routing and multi-wan!
Seems to be easy to solve with pfctl.
Pls do it. Soon. Henniee Walterson
07:36 AM pfSense Plus Feature #15168 (Rejected): Tracker ID as a column
This is a 2 part request.
1. Have the Firewall rules screen locked. Right an admin can click around firewall rules a... Mike Moore
02:50 AM pfSense Plus Bug #15006: Upgrade Issue to 23.09 Results in Stuck Prompt Mid-upgrade
I have not encountered this personally, but can confirm multiple instances of upgrades failing with:... Craig Coonrad
12:45 AM Feature #4128: Email notification webgui configuration

Attaching interaction 2270966827 here. dylan mendez

01/15/2024

10:42 PM Regression #15152: Systems with low RAM fail to upgrade to 24.03
Tested 24.03 upgrade on a VM with 768MB RAM. With and without RAM Disks enabled. Unable to reproduce. Upgrades comple... Craig Coonrad
02:03 PM Regression #15152: Systems with low RAM fail to upgrade to 24.03
I've not yet been able to reproduce this on a low-memory VM (1GB total RAM).
From the log I would guess that this ... Kristof Provost
10:18 PM Bug #15167 (Not a Bug): OpenVPN Server can provide duplicate IP addresses to clients with a Client Override, including the first usable IP in the Network.
Steps to replicate.
Create OpenVPN Server (example network 192.168.25.0/24)
Add Client Specific Override with IP ... dylan mendez
08:07 PM Feature #15166: ISC DHCPv6 DynamicDNS Bug
This requires DDSMM which is already a requested feature - see the related issues section of this redmine. Additional... Marcos M
07:27 PM Feature #15166: ISC DHCPv6 DynamicDNS Bug
Wait a second the bug 10535 was also closed without any conclution. Could you explain yourself? André L.
04:12 PM Feature #15166 (Duplicate): ISC DHCPv6 DynamicDNS Bug
Marcos M
10:12 AM Feature #15166 (Duplicate): ISC DHCPv6 DynamicDNS Bug
I dont really know how much attention this will get after the ISC retirement for the DHCP Server but if the DHCPv6 is... André L.
05:10 PM Feature #14165: Option to allow the DNS Forwarder to ignore system DNS servers
Merged in commit:840b13703bfae1f666a2ae8d5fa40ffb745a2ca3. Marcos M
05:09 PM Feature #14165 (Feedback): Option to allow the DNS Forwarder to ignore system DNS servers
Marcos M
04:56 PM Revision 840b1370: Merge pull request #4664 from opoplawski/no_system_dns
Marcos M
10:29 AM Bug #15108 (Feedback): ``pfctl`` is unable to retrieve state creator list in certain circumstances
Quick summary from the forum discussion: the reporter has upgraded both (pfsync) hosts to the same version, and the p... Kristof Provost
06:47 AM Bug #15165 (Needs Patch): Early boot hangs on pfSense CE
Hello.
I use Hyperv-V under Windows 10 Pro, went I update to Pfsense 2.7.0 I start having the frezee issue that I ... Peter Moreno
06:07 AM pfSense Packages Todo #15119: Update nut-devel version and update startup script
Can we go ahead and push this out please? Thanks Denny Page
12:11 AM pfSense Plus Todo #15164 (Resolved): Add ZFS Boot Environment list to status output
This is needed to review the BE status/options of the device as well as troubleshoot potential disk space issues.
... Craig Coonrad

01/14/2024

04:01 PM Feature #11556 (In Progress): Kill states using the pre-NAT address
Chris Linstruth
04:00 PM Feature #11556: Kill states using the pre-NAT address
Please also see scenario:
killing states when a pass rule with a schedule expires:
!clipboard-202401141100-0s9e... Chris Linstruth
03:38 PM Feature #15163: Add “WOL GROUPING” in “Services / Wake-on-LAN”
Sergei Shablovsky wrote:
> Hi, brilliant pfSense stuff!
>
> Please add ability to grouping in Wake-on-LAN service... Sergei Shablovsky
12:10 AM Feature #15163 (New): Add “WOL GROUPING” in “Services / Wake-on-LAN”
Hi, brilliant pfSense stuff!
Please add ability to grouping in Wake-on-LAN service “*Services / Wake-on-LAN*”.
... Sergei Shablovsky
11:55 AM Bug #14290: ICMPv6 Path MTU Discovery breaks with NPT
Any update here? Having the same issue when I use the following: IPv6 via DHCP from ISP, internal IPv6 space mapped v... Philip S
06:14 AM pfSense Plus Bug #15036: Traffic Shaper Wizard Dedicated generates error
Tested on
24.03-DEVELOPMENT (amd64)
built on Fri Jan 12 6:00:00 UTC 2024
FreeBSD 15.0-CURRENT
The error is pres... aleksei prokofiev
05:54 AM pfSense Packages Bug #11515: node_exporter 0.18.1_1 - Unable to interact or start the service from web ui
Tested on node_exporter 0.18.1_3
24.03-DEVELOPMENT (amd64)
built on Fri Jan 12 6:00:00 UTC 2024
FreeBSD 15.0-CURR... aleksei prokofiev
04:09 AM pfSense Packages Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections
They have sense reactivated my username and all posts are erased related to this fix and issue on both the other user... Jonathan Lee
04:08 AM pfSense Packages Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections
Someone on OpenVPN forum as an admin deleted the post with the fix that was not mine and also banned my user name I w... Jonathan Lee
03:37 AM pfSense Packages Bug #15131 (Incomplete): OpenVPN client export issues with iPhone and IPV6 connections
Jonathan Lee wrote in #note-1:
> https://forums.openvpn.net/viewtopic.php?p=119902 (lists fix)
> https://forums.ope... Kris Phillips
03:35 AM pfSense Packages Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections
Tested this with IPv4+6 multihome and the client export spits out a config with remote [hostname] udp, not udp4.
... Kris Phillips
04:07 AM Bug #15118: DHCPv6 settings page "DDNS Reverse" check box not showing current state
Tested on Jan 12 snapshots and this issue is still present. You don't need to change any other settings, but simply ... Kris Phillips
03:59 AM Bug #15098: Wireguard crashes on boot if PPPoE is the default gateway
Danilo Zrenjanin wrote in #note-3:
> I couldn't replicate this behavior on the following system:
> [...]
>
> The... Kris Phillips
03:39 AM pfSense Docs Correction #15128 (Confirmed): Note that a WireGuard peer must have "Dynamic" unset to see Endpoint options
I can confirm this behavior in the GUI. Kris Phillips
03:24 AM pfSense Packages Todo #15119 (Resolved): Update nut-devel version and update startup script
Can confirm that the newer nut-devel packages are added as dependencies. Current package version is nut-devel-2024.0... Kris Phillips
03:11 AM Bug #15147: Cannot configure dual stack IPsec tunnel to accept connections from any remote address on both address families
Can confirm that this is very confusing. It might be better to add a "Allow from Any Source" checkbox that just appl... Kris Phillips
03:06 AM pfSense Docs Todo #15161 (Confirmed): System --> Advanced --> Notifications --> Secure SMTP Connection
I can confirm that it doesn't appear that with or without SSL/TLS enabled that STARTTLS is ever used. Kris Phillips
02:52 AM Bug #15157: PHP error when generating a notification after detecting a malformed configuration
Ramon Alonso Costa wrote:
> I am having the following issue when trying to update the DNS Resolver backup. Below is ... Kris Phillips
01:21 AM Bug #15162 (Confirmed): Adding Wake-On-LAN entry from ARP table view can incorrectly include OEM text in MAC address field
Sergei Shablovsky wrote in #note-1:
> Sergei Shablovsky wrote:
> > Hi, brilliant pfSense stuff!
> >
> > Wrong st... Christopher Cope
12:02 AM Bug #15162: Adding Wake-On-LAN entry from ARP table view can incorrectly include OEM text in MAC address field
Sergei Shablovsky wrote:
> Hi, brilliant pfSense stuff!
>
> Wrong string in “ *MAC address* ” txt entry field in ... Sergei Shablovsky
12:12 AM Bug #15067: Secondary node attempts to delete the ``admins`` group when synchronizing accounts via XMLRPC
confirmed Chris Cope's findings by adding new user/group.... Craig Coonrad

01/13/2024

11:54 PM Bug #15162 (Resolved): Adding Wake-On-LAN entry from ARP table view can incorrectly include OEM text in MAC address field
Hi, brilliant pfSense stuff!
Wrong string in “ *MAC address* ” txt entry field in “ *Services / Wake-on-LAN / Edit... Sergei Shablovsky
11:41 PM pfSense Packages Regression #14452: Prometheus node_exporter generates errors with the default config
Tested 24.03 development snapshot. Error persists.... Craig Coonrad
11:04 PM pfSense Docs Todo #15161 (Closed): System --> Advanced --> Notifications --> Secure SMTP Connection
https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html
> When set, the firewall will attemp... Craig Coonrad
11:06 AM pfSense Plus Bug #15036 (Confirmed): Traffic Shaper Wizard Dedicated generates error
I've replicated the issue on:... Danilo Zrenjanin
10:19 AM Bug #15145: Unable to perform Packet Captures on a tailscale interface in GUI with default settings
ah cool. Thanks for checking. Danilo Zrenjanin
08:09 AM pfSense Packages Regression #15064 (Confirmed): Statis menu entry for APCUPSD leads to settings page, not status
Tested against:... Danilo Zrenjanin
08:04 AM pfSense Packages Regression #15158 (Confirmed): XMLRPC Timeout won't save if over 150
Tested against:... Danilo Zrenjanin
07:58 AM pfSense Packages Regression #15159 (Confirmed): XMLRPC Replication Target required even if not using it
I tested against:... Danilo Zrenjanin
07:51 AM Regression #15112: ``status_interfaces.php`` is missing several values for SFP modules
Can confirm this behavior since 23.01
!clipboard-202401131150-fmqvr.png!... Lev Prokofev
03:07 AM Feature #15160 (New): Support multiple RAs and router preferences
My ISP currently returns two RAs in response to an RS. Both of the RAs have the preference field set ("RFC 4191":http... James Geboski
02:55 AM Bug #15134: Post upgrade to 2.7.2 - Change in alias name stops all traffic
I presume you're talking about a port forward rule here, but about how many entries does this alias have? Is the forw... Chris W

01/12/2024

11:43 PM pfSense Packages Feature #12918: pfBlockerNG-devel changes from xmlrpc sync do not take effect immediately
FWIW a Force Reload on the primary will sync to the secondary. A Force Update will not. Steve Y
11:40 PM pfSense Packages Regression #15159 (Confirmed): XMLRPC Replication Target required even if not using it
On page Firewall/pfBlockerNG/Sync if "Sync to configured system backup server" is selected, "XMLRPC Replication Targe... Steve Y
11:37 PM pfSense Packages Regression #15158 (Confirmed): XMLRPC Timeout won't save if over 150
Firewall/pfBlockerNG/Sync has option "XMLRPC Timeout":... Steve Y
11:35 PM Bug #15157 (Resolved): PHP error when generating a notification after detecting a malformed configuration
I am having the following issue when trying to update the DNS Resolver backup. Below is the file with the error. Ramon Alonso Costa
10:31 PM Feature #13894 (Pull Request Review): Explicitly enable/disable DHCP Dynamic DNS updates in each scope
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1122 Marcos M
07:15 PM pfSense Packages Bug #15088 (Confirmed): BIND does not start after a config restore
Tested against:... Danilo Zrenjanin

01/11/2024

06:59 PM Bug #15156: Fragmented packets delayed by limiters are lost
rules.debug from the firewall Georgiy Tyutyunnik
06:46 PM Bug #15156 (Resolved): Fragmented packets delayed by limiters are lost
Client is having issues with outgoing SIP calls on XG-1537 23.09.1 specifically. KVM host with the same config works ... Georgiy Tyutyunnik
05:32 PM Bug #15154: dco_update_peer_stat: invalid peer ID 0 returned by kernel
https://forum.netgate.com/topic/185411/23-09-01-hardware-crypto-showing-no-hardware-crypto-acceleration-for-system-wi... Jonathan Lee
07:52 AM Bug #15154: dco_update_peer_stat: invalid peer ID 0 returned by kernel
It is supposed to be automatic but it does not show on vmstat at all any increments of interrupt requests Jonathan Lee
07:50 AM Bug #15154: dco_update_peer_stat: invalid peer ID 0 returned by kernel
It’s not being detected by OpenVPN and it’s not listed with vmstat Jonathan Lee
12:16 AM Bug #15154 (New): dco_update_peer_stat: invalid peer ID 0 returned by kernel
Hello fellow redmine members
I am showing this error
@dco_update_peer_stat: invalid peer ID 0 returned by kern... Jonathan Lee
04:40 PM Bug #15155: Mobile IPsec traffic stops working after approximately 55 minutes
In the most recent case, it was working perfectly for 6 months since the last time this occurred, and then yesterday ... Andrew Almond
01:37 PM Bug #15155 (Not a Bug): Mobile IPsec traffic stops working after approximately 55 minutes
This is almost certainly a config issue. Also possible that something changed between 23.05.1 and 23.09.1 so you shou... Jim Pingle
06:00 AM Bug #15155: Mobile IPsec traffic stops working after approximately 55 minutes
I've seen this before. It's an issue with the Windows 10/11 VPN client. I can't remember what the fix was but it's so... Brad Smith
01:23 AM Bug #15155 (Not a Bug): Mobile IPsec traffic stops working after approximately 55 minutes
Windows 10 clients using the builtin IPsec client connecting to pfSense 23.05.1
Most of the time everything works ... Andrew Almond
01:28 PM pfSense Plus Bug #15153 (Not a Bug): Backup Restore Issues restoring (Restore Area: Firewall Rules) Aliases for Subnets
That is expected behavior in this case, as the Firewall Rules area of the backup/restore selection does not include A... Jim Pingle
12:41 PM pfSense Packages Bug #14406 (Resolved): Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
This is fixed in 23.09.1. The language folders are present:... Steve Wheeler
02:18 AM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
Correction
@ln -s /usr/local/etc/squid/errors/templates /usr/local/etc/squid/errors/en-us@
and
@ln -s /usr/l... Jonathan Lee
02:03 AM pfSense Packages Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
ln -s /usr/local/etc/squid/errors/templates /usr/local/etc/squid/en
This command fixes the problem.
Link the f... Jonathan Lee
07:56 AM pfSense Plus Bug #15151: OpenVPN TAP & BRIDGE
Jim,
we don't need a forum, we need a contact to people who have real influence on the pfSense code - you don't ha... Łukasz Rojczyk

01/10/2024

11:28 PM pfSense Plus Bug #15149: Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
25.05.01 It has no issues with that ID Jonathan Lee
11:27 PM pfSense Plus Bug #15149: Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
@Jim Pingle
@dco_update_peer_stat: invalid peer ID 0 returned by kernel@
shows when using the crypto chip it... Jonathan Lee
11:22 PM pfSense Plus Bug #15153 (Not a Bug): Backup Restore Issues restoring (Restore Area: Firewall Rules) Aliases for Subnets
Hello fellow Redmine members,
I wanted to report a bug I found in the Backup Restore section of pfSense Plus.
... Jonathan Lee
07:41 PM pfSense Plus Bug #15151: OpenVPN TAP & BRIDGE
A tap bridge is only useful for linking L2 which would see MAC addresses, so you reserve hosts in DHCP by MAC address... Jim Pingle
07:21 PM pfSense Plus Bug #15151: OpenVPN TAP & BRIDGE
I checked what you suggested but from the client side it is also no longer possible to make a bridge with the OpenVPN... Łukasz Rojczyk
05:41 PM pfSense Plus Bug #15151 (Rejected): OpenVPN TAP & BRIDGE
I provided a link with the "official" way to bridge OpenVPN to a LAN.
Third party guides/videos are not good refer... Jim Pingle
05:30 PM pfSense Plus Bug #15151: OpenVPN TAP & BRIDGE
You remain in error.
Somehow it was able to work well for 6 years and I think it was used by many people who use T... Łukasz Rojczyk
05:20 PM pfSense Plus Bug #15151 (Feedback): OpenVPN TAP & BRIDGE
Normally with a tap bridge you don't have an interface address / tunnel network on the member interfaces, only on the... Jim Pingle
04:44 PM pfSense Plus Bug #15151 (Rejected): OpenVPN TAP & BRIDGE
When configuring OpenVPN TAP with a static address pool, there is a problem when configuring the TAP bridge with anot... Łukasz Rojczyk
05:27 PM Regression #15152 (Resolved): Systems with low RAM fail to upgrade to 24.03
The 1100 fails to upgrade to 24.03 with 'no space left' errors. This appears to be on any tmpfs device. So that's /va... Steve Wheeler
03:46 PM pfSense Plus Bug #14824: OpenVPN instance on IPv6 PPPoE interface does not always start automatically
I have diagnosed something, so far I know that removing the TAP bridge from the LAN solves the problem above.
Is t... Łukasz Rojczyk
02:08 PM Bug #15145 (Pull Request Review): Unable to perform Packet Captures on a tailscale interface in GUI with default settings
Can't close this yet, the patch hasn't been merged anywhere. Jim Pingle
07:25 AM Bug #15145 (Resolved): Unable to perform Packet Captures on a tailscale interface in GUI with default settings
Danilo Zrenjanin
07:24 AM Bug #15145: Unable to perform Packet Captures on a tailscale interface in GUI with default settings
The patch fixes it.
Tested against:... Danilo Zrenjanin
08:20 AM Bug #15063 (Confirmed): vpn_openvpn_server.php: shows last used interface, after changing to multihome
Danilo Zrenjanin
08:20 AM Bug #15063: vpn_openvpn_server.php: shows last used interface, after changing to multihome
I can confirm this behavior.
Tested against:... Danilo Zrenjanin

01/09/2024

10:54 PM pfSense Plus Bug #15104: Layer 2 experimental Firewall/Rules/Ethernet: new broadcast domain issues
This is what I mean by rule id I use it with my LED script. With the new rules when using them with wlan address they... Jonathan Lee
10:50 PM pfSense Plus Bug #15104: Layer 2 experimental Firewall/Rules/Ethernet: new broadcast domain issues
https://forum.netgate.com/topic/185443/example-of-layer-2-ethernet-firewall-rules
I was able to get it to work how... Jonathan Lee
10:43 PM Revision c7c8d878: pfSense-boot: silence mount -p stderr
Usually mount -p will not emit stderr, however some automation environments lack
/etc/fstab which will cause error me... Reid Linnemann
03:55 PM Bug #15148 (Resolved): OpenVPN Wizard fails when a VIP is used
Marcos M
03:23 PM Bug #15148: OpenVPN Wizard fails when a VIP is used
Looks good in 23.09.1 - SG2100 and 2.7.1 in a VM. dylan mendez
03:52 PM Revision 1fc8364a: poudriere: move to drm-515-kmod
Marcos M
03:52 PM pfSense Packages Bug #11970 (Confirmed): Netgate Firmware Upgrade Doesn't Work on XG-2758 (ADI/coreboot)
Steve Wheeler
03:51 PM pfSense Packages Bug #11970: Netgate Firmware Upgrade Doesn't Work on XG-2758 (ADI/coreboot)
2.4.4-p3 is still the most recent version that included a compatible firmware update package for the XG-2758. Steve Wheeler
03:43 PM pfSense Plus Bug #15149: Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
If it's shown on the dashboard as active, and there is kernel encryption happening on the VPN (e.g. OpenVPN DCO, IPse... Jim Pingle
03:27 PM pfSense Plus Bug #15149: Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
Is there anything I can do because I have the older 2100 that has this chip, I understand the new 2100 does not come ... Jonathan Lee
01:49 PM pfSense Plus Bug #15149 (Not a Bug): Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
The OpenVPN crypto hardware choice is not relevant and hasn't done anything meaningful in years. It should probably b... Jim Pingle
01:36 AM pfSense Plus Bug #15149: Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
New firmware was installed also same issue Jonathan Lee
01:36 AM pfSense Plus Bug #15149: Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
https://forum.netgate.com/topic/185411/23-09-01-hardware-crypto-showing-no-hardware-crypto-acceleration-for-system-wi... Jonathan Lee
01:30 AM pfSense Plus Bug #15149 (Not a Bug): Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
The Hardware Crypto is no longer showing up under OpenVPN configuration. My Netgate appliance has a crypto chip insta... Jonathan Lee
02:44 PM pfSense Docs New Content #15150 (Resolved): Update IPsec Terminology Differences
Reference: https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/compatibility.html#terminology-differences
Includ... Mike Moore

01/08/2024

11:05 PM pfSense Packages Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections
Tried this in an iPhone 13 with latest iOS version, but on IPv4 and it worked fine. This seems to be related to IPv6 ... dylan mendez
10:55 PM Bug #15148 (Feedback): OpenVPN Wizard fails when a VIP is used
Applied in changeset commit:2b2b084c185726487aeaa4d5dd9ea6177d92968c. Marcos M
10:35 PM Bug #15148: OpenVPN Wizard fails when a VIP is used
Looks good with that patch applied to 23.09.1 in aarch64. Steve Wheeler
10:24 PM Bug #15148 (Ready To Test): OpenVPN Wizard fails when a VIP is used
It looks like this never worked. Fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1120 Marcos M
05:21 PM Bug #15148 (Resolved): OpenVPN Wizard fails when a VIP is used
If you create a remote access server using the OpenVPN wizard and select a VIP as the interface it creates an invalid... Steve Wheeler
09:25 PM Regression #14431: Sending IPv6 traffic on a disabled interface can trigger a kernel panic
I've pushed a workaround to both devel-main and plus-devel-main. That should avoid the panic (or at least make it muc... Kristof Provost
09:20 PM Revision 2b2b084c: Handle VIPs in OpenVPN Wizard. Fix #15148
Marcos M
04:35 PM Bug #15144: smtp account details specifically password are lost with test if not saved
Jim Pingle wrote in #note-1:
> The current text is clear in stating that it uses the SAVED values, not what was ente... Des Quinn
01:34 PM Bug #15144 (Rejected): smtp account details specifically password are lost with test if not saved
The current text is clear in stating that it uses the SAVED values, not what was entered into the form, and that appl... Jim Pingle
02:23 PM Bug #15134: Post upgrade to 2.7.2 - Change in alias name stops all traffic
Kris Phillips wrote in #note-3:
> Also unable to recreate this on either 2.7.2 or 23.09.1. Until more details can b... Rajko B
01:32 PM Bug #15134 (Incomplete): Post upgrade to 2.7.2 - Change in alias name stops all traffic
Jim Pingle
01:31 PM pfSense Packages Bug #13997 (Closed): NUT Package and 23.01
Jim Pingle
01:31 PM Bug #15146 (Rejected): Outbound NAT rules need re-applied after restore in different hardware
Any manual outbound NAT rules in the list would have to be updated by hand (even in hybrid mode). Anything automatic ... Jim Pingle
11:56 AM Revision b580dbfb: Font Awesome: Update to v6.5.1
Christian McDonald
01:17 AM Bug #15147 (Closed): Cannot configure dual stack IPsec tunnel to accept connections from any remote address on both address families
If in Phase 1, Internet Protocol "Both (Dual Stack)" is selected, then under Remote Gateway the explanation in the bl... Lars Wolos

01/07/2024

12:53 PM Bug #15146 (Rejected): Outbound NAT rules need re-applied after restore in different hardware
After restoring a backup to a different hardware access from LAN to WAN was not passed through.
Steps to reproduc... Vasileios Mitrousis
06:15 AM pfSense Packages Bug #14836: squid and capitive portal integration bug
Tested on
23.09.1-RELEASE (amd64)
built on Wed Dec 20 18:27:00 UTC 2023
FreeBSD 14.0-CURRENT
24.03-DEVELOPMEN... aleksei prokofiev
06:02 AM Bug #15145: Unable to perform Packet Captures on a tailscale interface in GUI with default settings
Tested on
23.09.1-RELEASE (amd64)
built on Wed Dec 20 18:27:00 UTC 2023
FreeBSD 14.0-CURRENT
24.03-DEVELOPMENT ... aleksei prokofiev
03:25 AM pfSense Packages Bug #13997: NUT Package and 23.01
This is stale and should be closed. Denny Page
01:41 AM Bug #15130: Kea will not start with identical MAC address filters on multiple interfaces
I can confirm this issue. I also can confirm that it happens with both the Allowed MACs and Denied MACs fields. You... Kris Phillips
01:37 AM Bug #15134: Post upgrade to 2.7.2 - Change in alias name stops all traffic
Also unable to recreate this on either 2.7.2 or 23.09.1. Until more details can be provided, this should be marked a... Kris Phillips

01/06/2024

11:27 PM Bug #15145 (Pull Request Review): Unable to perform Packet Captures on a tailscale interface in GUI with default settings
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1118 Christopher Cope
11:16 PM Bug #15145 (Resolved): Unable to perform Packet Captures on a tailscale interface in GUI with default settings
Attempts to do a packet capture on the tailscale interface in the GUI results in it stopping immediately.
Trying t... Christopher Cope
10:28 PM Feature #855: Ability to selectively kill states on gateway recovery
This is a very frustrating issue. I do not understand where the issue is at since on a failure, the states are down a... Craig Sharp
05:23 PM Bug #15144 (Rejected): smtp account details specifically password are lost with test if not saved
When you goto enter account and passwpord details for smtp server then press test, it may work. However, the saved pa... Des Quinn
10:51 AM Bug #15143 (Not a Bug): Telegram notification of DynDNS update spoiles IP address
pfSense 2.7.x
DynDNS via "Update URL" like http://sync.afraid.org/u/bla-bla-bla
Telegram Notifications enabled
A... Alexei Mezin
09:18 AM Bug #14757: Special character encoding - crash on save / config restore
Not able to replicate this,
I set the group name with "&uuml;" on 2.6... Lev Prokofev
08:23 AM pfSense Packages Regression #14418 (Resolved): RRD Summary prints zero in all data fields
I tested the version:... Danilo Zrenjanin
02:43 AM Bug #15134: Post upgrade to 2.7.2 - Change in alias name stops all traffic
I'm not able to reproduce this on a system upgraded to 2.7.2 from the 2.7 installation image. I simply made an alias ... Chris W

01/05/2024

07:07 PM pfSense Docs Todo #15125: Feedback on Services — DHCPv4
Ethan Word wrote:
> *Page:* https://docs.netgate.com/pfsense/en/latest/services/dhcp/relay.html
>
> *Feedback:*
... Ethan Word
02:21 PM pfSense Docs Todo #15125 (Closed): Feedback on Services — DHCPv4
Warning corrected (again): https://gitlab.netgate.com/docs/pfSense-docs/-/commit/274f8df2a134de5e29c9ee943b2c705edd5e... Jim Pingle
02:14 PM pfSense Docs Todo #15125: Feedback on Services — DHCPv4
That note was changed after support was added for running both at the same time in #14620 , but didn't get changed ba... Jim Pingle
04:42 PM pfSense Docs Todo #15142: Feedback on Virtual Private Networks — OpenVPN — Assigning OpenVPN Interfaces
agree to disagree. Rick Lunt
04:41 PM pfSense Docs Todo #15142 (Rejected): Feedback on Virtual Private Networks — OpenVPN — Assigning OpenVPN Interfaces
It's already clear what is meant based on context there. Spelling it all out in that much detail makes it far too wor... Jim Pingle
04:29 PM pfSense Docs Todo #15142 (Rejected): Feedback on Virtual Private Networks — OpenVPN — Assigning OpenVPN Interfaces
*Page:* https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/assign.html
*Feedback:*
re-open unclear document... Rick Lunt
04:37 PM pfSense Docs Todo #15136: Feedback on pfSense® software Configuration Recipes — Routing Internet Traffic Through A Site-To-Site OpenVPN Tunnel
Agree, missed the hyperlink to https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/assign.html
Which made the s... Rick Lunt
03:54 PM Todo #13537: Update vendor files
Hi Marcos,
thanks for taking a look.
I think updating to bootstrap 4 might require a bit more work, definitely need... GChuf 6
03:04 PM pfSense Docs Todo #15113 (Closed): Update Image Verification Document to tell people to not sha256sum the .sha256 file, but instead just view the contents
This should hopefully clarify things:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/b9eaf245752a7738fdc66b... Jim Pingle
02:10 PM pfSense Docs Todo #15141 (Closed): Feedback on Development — Executing Commands at Boot
I added a bit of text there explaining those scripts also get run at other times, and listed examples of those times.... Jim Pingle
02:16 AM pfSense Docs Todo #15141 (Closed): Feedback on Development — Executing Commands at Boot
*Page:* https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html
*Feedback:*
https://forum.net... Vincent Waniel
08:14 AM Bug #15127 (Resolved): ``check_dnsavailable()`` failing even when DNS is available
I applied the patch and tested all the services that were potentially affected.
ACB worked fine.
The DHCP lease pag... Danilo Zrenjanin
08:01 AM Bug #14613: Incorrect wireguard control panel status management
The 2.7.2 bug seems to have been fixed. I upgraded from 2.7 to 2.7.2 and restarted. The bug did not recur. I will con... hao zhang
01:07 AM Bug #15137: wireguard
This site is not for support or diagnostic discussion. Wtf was I doing. I was goin to drop a hole buch of info on thi... Mftic Mftic
12:45 AM Revision fa953ac0: Consolidate is_url_hostname_resolvable() into resolve_address()
is_url_hostname_resolvable() used gethostbyname() which only
supports getting IPv4 records. This change makes resolve... Marcos M

01/04/2024

09:52 PM Revision 0b3052b3: Clarify function use and description
Marcos M
08:01 PM Bug #15137 (Closed): wireguard
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Marcos M
03:17 PM Bug #15137 (Closed): wireguard
Each time I get wireguard to work. I run a speed test and pfsense Crash hard. I have to install pfsense all over..
... Mftic Mftic
07:55 PM Bug #15140 (Incomplete): Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
OK, it's best to track that down for this report (possibly discuss further in the forums). The overall "state" issue ... Marcos M
07:25 PM Bug #15140: Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
Marcos M wrote in #note-2:
> > While it does prevent the traffic from exiting the WAN interface, the syslog messages... James Blanton
07:06 PM Bug #15140: Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
> While it does prevent the traffic from exiting the WAN interface, the syslog messages are still not being routed pr... Marcos M
05:04 PM Bug #15140: Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
Pull request: https://github.com/pfsense/pfsense/pull/4665 James Blanton
04:48 PM Bug #15140 (Incomplete): Remote syslog servers on dynamically routed networks are being sent out default GW after reboot when using source IP of "lan"
Syslogd is started before any packages are started, including the FRR package. If any remote syslog servers are on a ... James Blanton
04:45 PM Feature #14765 (Rejected): DHCPv6 is limited to DUID and unable to consider IAID
Unfortunately this is not supported on ISC DHCPv6, and I've not yet seen a way to handle this on Kea.
https://kb.isc.... Marcos M
04:43 PM Bug #15127 (Feedback): ``check_dnsavailable()`` failing even when DNS is available
Fixed in commit:11b04370dda80cfe9abed42192faa51f21d30eb0. Marcos M
04:41 PM Bug #15139 (Resolved): Local DNS resolution behavior does not add an IPv6 nameserver
Fixed in commit:89cc24a60c601954e86d4acfc52f5356afecd069.... Marcos M
04:36 PM Bug #15139 (Resolved): Local DNS resolution behavior does not add an IPv6 nameserver
Under @System > General Setup@, the "local" DNS Resolution behavior only adds an IPv4 localhost - IPv6 is missing. Th... Marcos M
04:38 PM Revision 11b04370: Refactor system DNS check. Fix #15127
Marcos M
04:38 PM Revision 89cc24a6: Add IPv6 localhost nameserver to /etc/resolv.conf. Fix #15139
Marcos M
03:27 PM pfSense Docs Todo #15138 (Rejected): Feedback on Virtual Private Networks — OpenVPN — Assigning OpenVPN Interfaces
Please post on the forum if you have questions or problems following the documentation. The line in question is refer... Jim Pingle
03:18 PM pfSense Docs Todo #15138 (Rejected): Feedback on Virtual Private Networks — OpenVPN — Assigning OpenVPN Interfaces
*Page:* https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/assign.html
*Feedback:*
this line: Navigate to V... Rick Lunt
03:11 PM pfSense Docs Todo #15136 (Rejected): Feedback on pfSense® software Configuration Recipes — Routing Internet Traffic Through A Site-To-Site OpenVPN Tunnel
Your assumption is incorrect. The only places that "OpenVPN interface" appear in the linked document are after the do... Jim Pingle
02:57 PM pfSense Docs Todo #15136 (Rejected): Feedback on pfSense® software Configuration Recipes — Routing Internet Traffic Through A Site-To-Site OpenVPN Tunnel
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-route-internet-traffic.html
*Feedback:*
... Rick Lunt
12:38 PM Bug #15117: Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
Rewording subject for the release notes since this affected everything on the shortcut bar on that page, not just the... Jim Pingle
07:29 AM Bug #15117 (Resolved): Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
The patch fixes it.
I am marking this ticket as resolved. Danilo Zrenjanin
12:35 PM pfSense Plus Bug #14824: OpenVPN instance on IPv6 PPPoE interface does not always start automatically
Jan 4 13:00:00 openvpn 21642 Exiting due to fatal error
Jan 4 13:00:00 openvpn 21642 FreeBSD ifconfig failed: ... Łukasz Rojczyk
08:51 AM pfSense Packages Bug #15100: Tailscale IPv6 Exit Node uses first LAN interface when WAN is set to Only Request Prefix
This, or the broader issue of exit node gateway affects me with IPv4.
The seeming lack of configuration ability to s... C C

01/03/2024

11:17 PM pfSense Packages Bug #15132: bind-tools 9.18 pkg moved dnssec-* tools from sbin to bin
I'm working on the fix. The docs say to bump the version number in the makefile.
"When updating a package is it i... Stuart Wyatt
04:12 AM pfSense Packages Bug #15132 (New): bind-tools 9.18 pkg moved dnssec-* tools from sbin to bin
In bind.inc, the path to dnssec-keygen and dnssec-dsfromkey are hard coded to the /user/local/sbin/ directory. In bin... Stuart Wyatt
07:35 PM Bug #15135 (Feedback): Potential local file include vulnerability via DNS Resolver Python Module Script include mechanism
Applied in changeset commit:12cbb18a93c1f78e05806b6d3c90511e8967f43f. Jim Pingle
07:22 PM Bug #15135 (Resolved): Potential local file include vulnerability via DNS Resolver Python Module Script include mechanism
When the DNS Resolver Python Module function is enabled and a Python Module Script is present, the system also looks ... Jim Pingle
07:25 PM Revision 12cbb18a: Improve validation of DNS Resolver Python script. Fixes #15135
Jim Pingle
06:37 PM Bug #15084: Upgrading an EFI system installed to ZFS mirror does not upgrade EFI loader on additional disks
There was some change here recently as now this triggers a failure on upgrade for existing mirrors.
The second dis... Jim Pingle
03:23 PM pfSense Plus Bug #15097: Upgrade to 23.09.1 is not offered for 23.05.1
I had this issue on appliances while upgrading to 23.09 two branches back, where new version check was always failing... Clément PAPPALARDO
03:18 PM Bug #15133 (New): PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
OK, good to know that worked.
We can fix the PHP error in the future but you may hit other issues with that sort o... Jim Pingle
03:14 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
ok, it makes sense.
I recreated the certificate for this appliance (you were right, there was 2 CN), and now VPN S... Clément PAPPALARDO
02:33 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
The error you are seeing is not relevant to the tunnel network and so on that's just a coincidence, the bulk of the s... Jim Pingle
02:20 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
I have 2 WAN, I tried switching WAN source for this VPN server, not ok
I deleted vpn server and recreated it (same va... Clément PAPPALARDO
01:57 PM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
I don't think so. I'm using it on 3 same other appliance without problems. My CA is a Windows CA imported.
On this A... Clément PAPPALARDO
01:46 PM Bug #15133 (Feedback): PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
Is there something unusual about your server certificate? Was it created on pfSense or imported from elsewhere?
Th... Jim Pingle
09:46 AM Bug #15133: PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
(but users cant connect without certificate verification) Clément PAPPALARDO
09:40 AM Bug #15133 (Resolved): PHP error with OpenVPN server certificate verification if the certificate has multiple ``CN`` attributes
... Clément PAPPALARDO
11:03 AM Bug #15134 (Incomplete): Post upgrade to 2.7.2 - Change in alias name stops all traffic
After installing the last 2.7.2 release, when we edited an Alias name - that rule stopped working, and all traffic wa... Rajko B
09:48 AM Bug #15130: Kea will not start with identical MAC address filters on multiple interfaces
Tested on:
23.09.1-RELEASE (amd64)
built on Wed Dec 20 18:27:00 UTC 2023
FreeBSD 14.0-CURRENT
I can confirm thi... aleksei prokofiev
06:26 AM Revision a68f7a3d: Update the years in the Copyright notice.
Luiz Souza

01/02/2024

08:50 PM Bug #15117 (Feedback): Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
Applied in changeset commit:3d95bdde7fbd926bd7ed7d3ac716f42727a15ca2. Jim Pingle
02:04 PM Bug #15117: Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
It's incorrect for me as well, the shortcut section on the page is set to @dhcp@ when it should be @dhcp6@:
source... Jim Pingle
08:43 PM Revision 3d95bdde: Correct DHCPv6 lease shortcut section. Fixes #15117
Jim Pingle
06:41 PM pfSense Packages Bug #15131: OpenVPN client export issues with iPhone and IPV6 connections
https://forums.openvpn.net/viewtopic.php?p=119902 (lists fix)
https://forums.openvpn.net/viewtopic.php?p=119904 (my ... Jonathan Lee
06:38 PM pfSense Packages Bug #15131 (Confirmed): OpenVPN client export issues with iPhone and IPV6 connections
I have researched and found an issue within the OpenVPN's client export config file for iPhones (OpenVPN Connect (iOS... Jonathan Lee
05:49 PM Bug #15130 (Resolved): Kea will not start with identical MAC address filters on multiple interfaces
Steps to duplicate:
Enter identical MAC address filters on two interfaces. kea will no longer start:
Jan 2 17:4... Chris Linstruth
05:04 PM pfSense Packages Todo #15119 (Feedback): Update nut-devel version and update startup script
Merged into devel branches, should be in snapshots for testing tomorrow. Jim Pingle
03:48 PM pfSense Plus Bug #15097: Upgrade to 23.09.1 is not offered for 23.05.1
Marcos M wrote in #note-4:
> The issue is due to a missing @.default@ file, e.g. @/usr/local/etc/pfSense/pkg/repos/pf... Tom L
02:06 PM Bug #15129 (Duplicate): Arp table not displaying hostname
Duplicate of #15127 (same root cause) Jim Pingle
01:49 PM Bug #15127: ``check_dnsavailable()`` failing even when DNS is available
This affects a lot more than just ACB. It affects DHCP lease display, ARP display, NDP display, update checks, and po... Jim Pingle
01:33 PM pfSense Plus Regression #14964 (Not a Bug): SG-3100: iscsi support removed from 23.09 kernel
At this point things removed from 3100 are unlikely to return as they were probably removed due to problems with armv... Jim Pingle

01/01/2024

01:55 PM Bug #15129: Arp table not displaying hostname
So I applied this patch https://redmine.pfsense.org/issues/15127 and now hostnames are back..
See the above thread... JohnPoz _
01:30 PM pfSense Packages Bug #14058: Update vendor=on triggers installation failure
I just ran into this with arpwatch on 23.09.1... JohnPoz _
12:10 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Basically someone (likely me) just needs to start producing test builds at various points in time between a known goo... Christian McDonald
12:02 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Christian McDonald wrote in #note-17:
> If someone can provide me with two versions as closely related in time as po... Zachary Cohen

12/31/2023

11:07 PM Bug #15129: Arp table not displaying hostname
Probably more fallout from Netlink. I will look. Christian McDonald
10:44 PM Bug #15129: Arp table not displaying hostname
Thread https://forum.netgate.com/topic/185231/no-hostnames-under-diagnostics-arp JohnPoz _
10:43 PM Bug #15129 (Duplicate): Arp table not displaying hostname
So I recall about a year ago this was happening in the ndp table.. But now seems in the arp table same sort of proble... JohnPoz _
09:19 PM pfSense Docs Correction #15128 (Closed): Note that a WireGuard peer must have "Dynamic" unset to see Endpoint options
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2s.html
*Feedback:* The Peer Configuration s... Phil Duby
08:12 PM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
If someone can provide me with two versions as closely related in time as possible along with a reproducer I can bise... Christian McDonald
07:20 AM Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Boycee . wrote in #note-11:
> The issue I opened (#15105) was a decided to be a duplicate of this one. Just pasting... Zachary Cohen
05:19 AM Bug #15117: Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
It is, indeed, the related settings link. on my system, this is a link to
https://<fqdn>/services_dhcp.php - it sho... David Cornejo
01:26 AM Bug #15117: Shortcut bar on DHCPv6 leases (``status_dhcpv6_leases.php``) navigates to DHCPv4 destinations, not DHCPv6
I'm not able to confirm this. Going to Status --> DHCPv6 Leases --> Related Settings link at the top goes to the DHC... Kris Phillips
04:40 AM Bug #15127: ``check_dnsavailable()`` failing even when DNS is available
verified prior condition and that ACB restore entries were once again present following application of the patch above Jordan G
12:43 AM pfSense Plus Bug #15126: SG-1100 pfSense+ recovery results in non aligned disk slices
David Burns wrote:
> Currently preparing for an upgrade of SG-1100 remote worker fleet.
>
> However after install... Kris Phillips
12:20 AM Bug #15122: PHP errors in LDAP server prevent it from falling back to Local Database
Merged https://gitlab.netgate.com/pfSense/pfSense/-/commit/c48e3d87347538a6ef3e8b7542bdd498176343dd Christopher Cope
 

Also available in: Atom